Hi Gabriel,

As discussed, this is a fun one =)

We have to open the /proc/self/smaps file just after we fork the
loolkit worker, and just before we drop capabilities - cf. kit/Kit.cpp.
Any attempts to open it after that, or from wsd will not succeed due to
kernel paranoia: fair enough.

In a unipoll world - we could have a second local thread to read that
data from the kit and send it to wsd / Admin code.
But - that's painful around making our existing (rather pleasant)
single-threaded, easy to reason about lock-free poll loop far more complex.

The approach I'd love to see here is a simpler one:

* we pass the fd across the unix socket the kit has
to WSD using:
https://stackoverflow.com/questions/28003921/sending-file-descriptor-by-linux-socket?answertab=votes#tab-top
* then move the memory polling magic from the Kit
process to the Admin socket poll - which is where
it belongs. Then we can kill bad guys based
on policy from the Admin poll.

That should be beautiful, simplify the IPC logging we have
significantly, make logs shorter, cleaner, and prettier.
And life should be cleaner & prettier =)

Sounds good?

Michael.
--
michael.meeks@xxxxxxxxxxxxx <><, GM Collabora Productivity
Hangout: mejmeeks@xxxxxxxxx, Skype: mmeeks
(M) +44 7795 666 147 - timezone usually UK / Europe
_______________________________________________
LibreOffice mailing list
LibreOffice@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/libreoffice